Beware of Net losses

SURFERS thinking about buying financial services over the Internet should beware of the sharks. It is not clear how many predators lurk in cyberspace.

If the provider is running a scam or gives bad advice, investors may not find out until they have lost their money. And if third parties hack into the system and snatch your personal details, you may be vulnerable to theft.

Many of the services and products on the Net are sold execution only - that is to say you do not get proper advice as to their suitability. You should buy without advice only if you feel confident doing so. If unfamiliar with a UK investment company, check it is authorised by the Securities and Investment Board, the chief financial regulator. A guide available from the SIB, entitled How to Spot the Investment Cowboys, has some useful tips.

But the global nature of the Internet creates new problems for investors. For the price of a local phone call, you can now gain access to products and services all over the world. Anyone could, in theory, set up from a location offshore with a lax regulatory environment - say one of the Caribbean islands - and make an entirely misleading offer. Some companies and offers may well not be regulated at all. There may be no legal recourse if something goes wrong, and no chance of compensation. Financial services customers need to be aware of different local regulations and risk. In practice, this will mean most people should steer clear of the unfamiliar or the uncheckable.

Buyers should beware of making purchases over the Net by credit or debit card without a security device to prevent theft of their card details by criminals with "sniffer" programmes. These root through the Net for 16-digit numbers - the usual length of a credit card number - and store them up for use at a later date. Providing you notice your credit or debit card has been used fraudulently, you should be able get most or all of your money back, under the Consumer Credit Act and Banking Code of Practice respectively.

Credit-card details are safer when used in conjunction with secure software such as the Netscape Navigator browser. The browser employs encryption techniques to ensure confidentiality. Netscape Navigator is the market leader and is available on a free "trial" basis on the Net (after that you are supposed to pay $44 (pounds 28) for a licence). For secure transactions, both site and user should have Netscape software. The line is secure if it has a key symbol at the bottom. A broken key means you should keep your credit card in your pocket.

Payment protected by Net-scape is arguably safer than by phone, where you could be overheard, or even payment made in person, where the carbon slip could be stolen. But a French student has managed to hack the system - though it took him eight days, 112 computers and $10,000 worth of computer time.

Because it is not completely hacker-proof, the system is not seen as safe enough for on-line banking. In the US, there is a more sophisticated, hacker-proof version of Netscape - with 128 bits instead of the 40 bits in the export version available to the rest of the world. But for reasons of national security the US will not release it internationally.

One or two European banks, however, are ahead of the game. Banknet (, operated by Secure Trust Bank, is testing its own secure system.